Firefox in Flatpak vs. Snap: a comparison

The Linux desktop has seen great progress in desktop application containerization and process-isolation sandboxing. Keeping programs isolated from each other's environment and files can greatly improve security when something goes wrong in one of them. Flatpak and Snap are the two leading implementations on the desktop.

I've previously praised the added security I get from playing Steam games inside a Flatpak container. I'm overdue to extend this added layer of protection to my web browser. I believe I'll sleep better at night knowing there's an extra security layer between my web browser and the rest of my system.

To this end, I wanted to compare the current versions of Firefox Flatpak and Firefox Snap on Fedora 31. Due to the nature of containerized apps, you can expect my experiences to translate to other Linux distributions.

I'll be testing Firefox 71 from the Fedora Flatpak repository and Firefox 71 stable from the Canonical Snapcraft Store. I'll refer to these as "Fedora Flatpak" and "Firefox Snap" in this article. Note that you can use alternative Flatpak repositories such as Flathub. These alternate repositories may carry different variants of Firefox with other default restrictions and features.

Update (): There's now an official Firefox 75 packaged as a Flatpak by Mozilla. It's published in the Flathub repository. It eliminates the performance issues mentioned in this article and ships with an MPEG-4 decoder. This article has been updated for this version. It's referred to as "Mozilla Flatpak" throughout the article to distinguish it from Fedora's version.

The table below is a quick comparison of the features and limitations that I'll go into in more detail in this article.

| Feature | Mozilla Flatpak (Firefox 75) | Fedora Flatpak (Firefox 71) | Snap (Firefox 71) |
|---|---|---|---|
| Filesystem protection | | | |
| Home directory | ~/Downloads only | Read-only, revocable | Read-only, not revocable |
| /etc, /var | Sandboxed | Sandboxed | Unrestricted |
| Device access | | | |
| USB/U2F security tokens | Unrestricted access, revocable | Blocked | Allowed |
| Webcam/microphone | Unrestricted access, revocable | Blocked | Allowed |
| Desktop integration | | | |
| UI and web fonts | Good defaults | Good defaults | FreeMono only |
| HiDPI (4K) support | Good | Good | Tiny mouse cursor |
| Notifications | freedesktop | freedesktop | Custom |
| Multimedia | | | |
| MPEG-4 codec | Built-in | Unsupported | Built-in |
| Performance | | | |
| UI responsiveness | Consistently fast | Consistently fast | Some slowness |
| Start-up time | 700 ms | 720 ms | ~11 s |
| Speedometer 2 | -0 % | -24.9 % | -4.7 % |
| JetStream 2 | -0.7 % | -11.3 % | -4.6 % |
| MotionMark 1.1 | -5.8 % | -65.2 % | -10.4 % |

Filesystem access restrictions

Firefox Flatpak sandboxes system-level directories like /etc/ and /var/. Firefox Snap has the same access to system-level directories as the user.

Mozilla Flatpak only has access to ~/Downloads/.

By default, Fedora Flatpak has read access to the entire home directory. It also has read and write access to ~/.mozilla/, ~/.cache/firefox/, and ~/Downloads/. That's where Firefox normally keeps its user data, plus the default transient download directory.

You can revoke Fedora Flatpak's access to the home directory (while keeping the specific permissions mentioned above) by running the command below. You can still access files in the home directory through the file-open dialog when selecting a file to upload.

flatpak override --user \
  --nofilesystem=home org.mozilla.firefox

Firefox Snap has irrevocable read-only access to non-hidden files and directories in the home directory. Hidden files are files and directories whose names begin with a period (".").

In other words, it restricts access to sensitive areas like ~/.ssh/ and ~/.bitcoin/, but nothing restricts its access to ~/Documents/ and ~/Pictures/. At least one of these directories was the target of an old Firefox exploit.

Anything it wants to write to the home directory, or read from a dot-directory, is redirected to ~/snap/firefox/common/.

Both variants sandbox /tmp/ (temporary files for the current boot cycle), but only Flatpak sandboxes /var/tmp/ (temporary files that persist across reboots).

Firefox Snap has the strictest default home-directory protection of the two. However, only Flatpak restricts access to system directories. Flatpak can also be configured to have the strictest configuration of all by revoking access to the home directory.

Device access

Your web browser needs access to your webcam and microphone for video conferencing and the like. If you use a USB security key token for two-factor authentication on any online account, it also needs access to the U2F device.

Snap provides dedicated hardware device access policies for specific device classes, such as USB security key tokens and webcams. Firefox Snap has access to your webcam, microphone, and USB security tokens by default.

Mozilla Flatpak has full access to all hardware devices. Fedora Flatpak is blocked from accessing any of your hardware devices. Blocking offers stronger security and privacy protections but comes at a loss of functionality. This can be crippling if you use services that require U2F, like Google Advanced Protection.

Flatpak has only two access policies available for devices: allow access to all devices or block access to all devices. You can flip this policy with the following command:

flatpak override --user \
  --device=all org.mozilla.firefox

You can change the device access policy under both Flatpak and Snap. If you want to toggle it on and off according to your needs, you need to remember the commands and restart the browser. For most people, this is probably a hassle.

This comes down to how paranoid you want to be about your device security. Blocking the browser from accessing your camera and microphone may be considered a net benefit unless you use them every day.

Firefox Snap offers support for hardware devices out of the box. This can be a double-edged sword, as it also means a potential exploit could access your device's microphone and camera. Flatpak has no granular control over device access. You either have access to all devices or to none at all (the default).
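As an added example (my own script, not code from the article, from Fedora, Mozilla or the Flatpak project), the script below ties together the two override commands from the filesystem and device sections above. Its parsing functions read the `[Context]` block that `flatpak info --show-permissions APP` (the app's built-in defaults) or `flatpak override --user --show APP` (your local overrides) prints, report the effective home-directory and device policy, and pick the `--device=all` or `--nodevice=all` flag that flips device access, so you don't have to remember which way the toggle currently points. The three `[Context]` samples are constructed to resemble what the article describes, and `toggle_devices` only touches the real system when `flatpak` is installed.

```shell
#!/bin/sh
# Added example, not from the original article or the Flatpak project.
# Audits the [Context] block printed by
#   flatpak info --show-permissions APP    (the app's own defaults)
#   flatpak override --user --show APP     (your overrides)
# and builds the override flag that flips the all-or-nothing device policy.

APP=org.mozilla.firefox

# Constructed sample: defaults like those the article describes for Fedora Flatpak
SAMPLE_FEDORA='[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
filesystems=home:ro;~/.mozilla;~/.cache/firefox;xdg-download;
'

# Constructed sample: what `flatpak override --user --nofilesystem=home` leaves behind
SAMPLE_HOME_REVOKED='[Context]
filesystems=!home;
'

# Constructed sample: after `flatpak override --user --device=all`
SAMPLE_DEVICES_ON='[Context]
devices=all;
'

# context_value TEXT KEY -> the ;-separated value of KEY= in the [Context] block
context_value() {
  printf '%s\n' "$1" | sed -n "s/^$2=//p"
}

# home_access_status TEXT -> revoked | read-only | read-write | none
# The last entry that mentions "home" decides, so a "!home" override
# listed after a "home:ro" default is what this checker reports.
home_access_status() {
  status=none
  old_ifs=$IFS; IFS=';'
  for entry in $(context_value "$1" filesystems); do
    case "$entry" in
      '!home'|'!home:ro'|'!home:rw')  status=revoked ;;
      'home:ro')                      status=read-only ;;
      'home'|'home:rw'|'home:create') status=read-write ;;
    esac
  done
  IFS=$old_ifs
  printf '%s\n' "$status"
}

# device_policy TEXT -> all | none (Flatpak offers only these two policies)
device_policy() {
  policy=none
  old_ifs=$IFS; IFS=';'
  for entry in $(context_value "$1" devices); do
    case "$entry" in
      all)    policy=all ;;
      '!all') policy=none ;;
    esac
  done
  IFS=$old_ifs
  printf '%s\n' "$policy"
}

# toggle_device_flag TEXT -> the override flag that flips the current policy
toggle_device_flag() {
  if [ "$(device_policy "$1")" = all ]; then
    echo --nodevice=all
  else
    echo --device=all
  fi
}

# toggle_devices APP: apply the flip on the real system, if flatpak is present.
# The new policy only applies after the browser is restarted.
toggle_devices() {
  command -v flatpak >/dev/null 2>&1 || { echo "flatpak not found; nothing changed" >&2; return 1; }
  flag=$(toggle_device_flag "$(flatpak override --user --show "$1")")
  flatpak override --user "$flag" "$1" && \
    echo "applied $flag to $1; restart Firefox for it to take effect" >&2
}

# Offline demo on the constructed samples (no flatpak needed)
echo "Fedora defaults: home=$(home_access_status "$SAMPLE_FEDORA") devices=$(device_policy "$SAMPLE_FEDORA")"
echo "After --nofilesystem=home: home=$(home_access_status "$SAMPLE_HOME_REVOKED")"
echo "Next device toggle for the defaults: flatpak override --user $(toggle_device_flag "$SAMPLE_FEDORA") $APP"
```

Source the script and call `toggle_devices org.mozilla.firefox`, then restart Firefox. The Snap side is per-interface rather than all-or-nothing, so the equivalent audit there is `snap connections firefox`, with `snap disconnect firefox:camera` dropping a single device class.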

Desktop integration

Flatpak has the clear advantage when it comes to desktop environment integration. It uses the expected default system font for user interface elements and looks like any other GTK+ app. It looks and behaves like Firefox running unconstrained directly on the host system.

Flatpak Firefox integrates with the freedesktop notification system (used by GNOME and KDE) for web notifications. The Snap variant doesn't integrate with the system-wide notification system.

Its custom notification pop-overs don't respect the system settings for notifications (quiet hours, etc.). The custom notifications are easy to miss, as they aren't shown on top of other windows.

Firefox Snap looks fine, but it has some minor styling differences from other GTK+ apps. One of the more serious issues is that it uses FreeMono Regular (a fixed-width/monospace font) instead of a sans-serif font.

The font issue extends to the web as well. Every webpage that doesn't supply custom web fonts uses FreeMono Regular instead. This causes many website designs to break, and text legibility goes right out the window compared to a sans-serif font. This issue is fixed in the beta release channel.

Flatpak (left) vs Snap (right) mouse cursor sizes.

You can compare how fonts look in Flatpak versus Firefox Snap in the above video. You’ll also notice that the Snap version has an issue with the mouse cursor shrinking when entering the window.

The cursor changes the pointer-icon when moving it over the Firefox window. It also shrinks to half the expected size on a high-definition (HiDPI) display. Unfortunately, this isn’t just a cosmetic problem. You need to move the mouse twice the distance to get across the screen.

Multimedia

MPEG-4 (MP4/AAC) is a popular proprietary multimedia codec. Most of the video you watch online, outside of YouTube, is likely encoded with this codec. It's also the most common codec for live-streamed video.

Firefox Snap ships with MPEG-4 support. So does Mozilla Flatpak. You shouldn't have any problems watching videos online.

The main Fedora package repository doesn't ship the MPEG-4 video codec for Firefox or other applications. The codec is patent- and license-encumbered, which prevents Fedora from distributing it by default. The Flatpak repository has the same restriction.

However, you can install additional codecs on Fedora. The Flatpak sandbox prevents Firefox from using these extra multimedia codecs. That's the sandbox doing its job. Unfortunately, you can't install extra codecs into the Flatpak sandbox environment.

The lack of MPEG-4 support is likely the key issue that will stop someone from using Fedora Flatpak in favor of the unconstrained system default. Luckily, Mozilla Flatpak has support for the codec.

Performance

Every Snap package I've tested has been slow to launch. It generally takes 5–12 seconds from when you start a program until it appears on screen. Firefox Snap takes about 11 seconds to start.

Earlier this year, Snap fixed a font-cache issue that caused slow start-ups. I'm running a version with that fix. However, Firefox Snap's font cache is notably still broken. This is also what causes the problem with the monospace font. This could still be the root cause of the start-up performance issue.

For comparison, Flatpak starts up in less than a second. Flatpak also feels more responsive when scrolling, switching tabs, and performing other UI operations. Firefox Snap has noticeable lag when performing the same operations.

The Speedometer 2 benchmark tries to measure web application responsiveness. Fedora Flatpak is 25 % slower than Firefox installed unconstrained on the system. Firefox Snap is only penalized by about 25 % of that number.

The JetStream 2 benchmark tests JavaScript and WebAssembly performance. Firefox Snap has a 4.6 % performance penalty compared to Firefox running directly on the host system. Fedora Flatpak is 11.3 % slower.

Fedora Flatpak tanks the MotionMark 1.1 benchmark. It's a full 65.2 % slower than Firefox running on the host system. Firefox Snap is only 10.4 % slower. Both variants see the biggest difference in the Canvas painting tests. Fedora Flatpak runs at nearly half the speed (-98.63 %) of Firefox running on the host system.

Perceived performance undoubtedly feels better in Fedora Flatpak, even though Firefox Snap beats it in the graphics and compute synthetic benchmarks.

Conclusions

You may want to stick with an unconstrained installation of Firefox if you’re using older hardware that would be severely affected by the decreased performance. The relaxed sandboxing of Firefox Snap would still protect some of your files. Fedora Flatpak set to block home directory access will likely yield the highest level of protection, however.

Firefox Snap is the clear winner when it comes to capabilities, with support for video conferencing, USB security tokens, and video playback. These are arguably attack surfaces you may be better off without. You can use a separate browser for these tasks only. It comes down to whether you need these features regularly or not.

The performance story is quite interesting. The Flatpak sandbox hurts Firefox's web performance. But it's the Snap version that feels slow to use. Perceived performance will probably depend on your hardware and on what kind of latency annoys you.

Update (): Alexander Larsson from Red Hat pointed out that Fedora Flatpak isn't built with PGO. This could account for the performance difference. It's also something concrete that Fedora can improve on to help bring performance on par with Firefox running directly on the host.

I think I'll start migrating to Fedora Flatpak in the new year.

I might find the time to test Qubes OS first, though. It's a Linux distribution where many tasks of the operating system are isolated independently from everything else. Then again, I'm not sure whether I'd sleep better or lose sleep over jumping head-first into something as complex as Qubes OS.

Thanks to Maciej Borzecki from Canonical Ltd. for guiding me through troubleshooting the font and mouse cursor issues with Firefox Snap.

I used Firefox 71 with Flatpak 1.4.3 and snapd 2.42.2 on Fedora 31. The article was updated to compare Firefox 75 from the Fedora repository with Firefox 75 from Flathub (the official Mozilla release).